
TUI
We are adventurers. We share smiles. We create impact. We believe in the power of travel - it broadens the horizons of our customers as well as our employees. New places to live, new roles to explore, new communities to embrace. They are available to you, seize them!
About company Security architect
On-site
Lisbon, Porto, Faro, Madeira
July 11, 2026
Full-time
Security Architect
We're looking for a talented technical leader to join our newly formed Security Architecture team and drive control implementation across TUI's CISA-aligned Zero Trust programme. You'll be the primary driver of measurable security progress, converting strategy into deployed, verifiable controls that reduce real risk across our global technology estate.
ABOUT OUR OFFER
- Personal benefits: Attractive remuneration, exclusive travel perks & discounts, extensive health & wellbeing support, and more.
- Flexible working: Work is something you do, not somewhere you go. We encourage a healthy work-life balance and offer hybrid or remote working models.
- A career to shape: Opportunities to upskill, reskill and grow your career. Access the TUI Tech Learning Hub to level-up and reach your ambitions.
- Expand your horizons: Participate in our tech communities and collaborate on global projects and teams.
- Community: Get involved with incredible local charity and sustainability initiatives like the TUI Care Foundation and the Sustainable Tech Community.
ABOUT THE JOB
- You'll drive control implementation across all five CISA Zero Trust pillars - Identity, Devices, Networks, Applications and Workloads, and Data - translating pillar OKR commitments into specific, sequenced control deployments with defined owners, timelines, and measurable success criteria.
- Owning the measurement framework for Zero Trust maturity progression will be central to your role, using Microsoft Security Exposure Management, Maester security assessments, and Microsoft Secure Score to track control status changes.
- Working directly with pillar owners - Identity, Devices, Network, Applications, and Data leads - you'll convert high-priority workshop outputs into active delivery backlogs.
- You'll provide technical depth across pillar-specific control areas including Conditional Access policy design, Entra ID Governance, phishing-resistant MFA deployment, and secure remote access patterns.
- You'll generate evidence of risk reduction for board reporting and cyber insurance renewal.
ABOUT YOU
- You have a demonstrable track record of delivering Zero Trust control implementation across enterprise environments.
- Hands-on experience with Microsoft Security Exposure Management, Microsoft Secure Score, and Microsoft Defender suite.
- Proficiency with Entra ID, Intune, Defender for Endpoint, and Defender for Office 365.
- You're able to identify and challenge shared ownership arrangements.
- Experience working within an OKR framework.
Job Details
Location: Matosinhos Municipality, Portugal; Lisbon, Portugal; Funchal, Portugal; Faro, Portugal; Flexible
Contract Type: Permanent
Job Type: Full Time
Hours: Depends on local regulations.